CVE-2014-9748

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2014-9748
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-9748.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2014-9748
Related
Published
2020-02-11T17:15:11Z
Modified
2024-11-21T02:21:34Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The uvrwlockt fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.

References

Affected packages

Debian:11 / nodejs

Package

Name
nodejs
Purl
pkg:deb/debian/nodejs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.0~dfsg-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Debian:12 / nodejs

Package

Name
nodejs
Purl
pkg:deb/debian/nodejs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.0~dfsg-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Debian:13 / nodejs

Package

Name
nodejs
Purl
pkg:deb/debian/nodejs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.0~dfsg-1

Ecosystem specific 

{
    "urgency": "unimportant"
}